PrepAway - Latest Free Exam Questions & Answers

Which domain controller should you identify?

Your network contains an Active Directory forest. The forest contains a single domain named contoso.com. The
domain contains four domain controllers. The domain controllers are configured as shown in the following table.

All domain controllers are DNS servers.
You plan to deploy a new domain controller named DC5 in the contoso.com domain.
You need to identify which domain controller must be online to ensure that DC5 can be promoted successfully
to a domain controller.
Which domain controller should you identify?

PrepAway - Latest Free Exam Questions & Answers

A.
DC1

B.
DC2

C.
DC3

D.
DC4

Explanation:
Relative ID (RID) Master:
Allocates active and standby RID pools to replica domain controllers in the same domain. (corp.contoso.com).
Must be online for newly promoted domain controllers to obtain a local RID pool that is required to advertise or
when existing domain controllers have to update their current or standby RID pool allocation.
The RID master is responsible for processing RID pool requests from all domain controllers in a particular
domain. When a DC creates a security principal object such as a user or group, it attaches a unique Security ID
(SID) to the object. This SID consists of a domain SID (the same for all SIDs created in a domain), and a
relative ID (RID) that is unique for each security principal SID created in a domain. Each DC in a domain is
allocated a pool of RIDs that it is allowed to assign to the security principals it creates. When a DC’s allocated
RID pool falls below a threshold, that DC issues a request for additional RIDs to the domain’s RID master. The
domain RID master responds to the request by retrieving RIDs from the domain’s unallocated RID pool and
assigns them to the pool of the requesting DC At any one time, there can be only one domain controller acting
as the RID master in the domain.

The Infrastructure Master – The purpose of this role is to ensure that cross-domain object references are
correctly handled. For example, if you add a user from one domain to a security group from a different domain,
the Infrastructure Master makes sure this is done properly. As you can guess however, if your Active Directory
deployment has only a single domain, then the Infrastructure Master role does no work at all, and even in a
multi-domain environment it is rarely used except when complex user administration tasks are performed, so
the machine holding this role doesn’t need to have much horsepower at all.


Leave a Reply